Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 166597 - No way to set LDAP bind passwd without having it visible on the command line
No way to set LDAP bind passwd without having it visible on the command line
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: samba (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jay Fenlason
David Lawrence
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-08-23 14:11 EDT by Mark McLoughlin
Modified: 2014-08-31 19:27 EDT (History)
1 user (show)

See Also:
Fixed In Version: samba-common-3.0.23
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-01-02 03:22:17 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Mark McLoughlin 2005-08-23 14:11:14 EDT 
To set the LDAP bind passwd for samba (in secrets.tdb) you must use "smbpasswd
-w passwd"

It would be nice if smbpasswd would prompt for the password if it wasn't
supplied on the command line

Rationale is that for the brief time that smbpasswd is running, the password is
visible to everyone via /prov/$pid/cmdline, which isn't ideal
Comment 1 W. Michael Petullo 2005-12-24 10:27:31 EST 
This is a security issue.  The smbpasswd program should support reading the 
admin password from a prompt, and also support the -s option (read from stdin.)
 Can the owner of this bug set the severity to secruity?
Comment 2 W. Michael Petullo 2005-12-24 12:21:37 EST 
See also upstream bug: https://bugzilla.samba.org/show_bug.cgi?id=3356.
Comment 3 W. Michael Petullo 2006-03-20 10:41:07 EST 
I think this is now fixed in the upstream SVN tree.  See 
http://viewcvs.samba.org/cgi-bin/viewcvs.cgi?rev=13524&view=rev.
Comment 4 W. Michael Petullo 2006-12-30 13:17:24 EST 
It looks like Fedora has incorporated the upstream fix.  I'm not sure exactly
when this was pulled in, but samba-common-3.0.23c-2 is good (see the new -W and
-s options.)  I tried to close this bug, but I can't because I was not the reporter.
Comment 5 Mark McLoughlin 2007-01-02 03:22:17 EST 
Thanks, confirmed
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.